Generating a PKCS #12 File

The following procedure provides a general description of generating
a PKCS #12 file when using the Host OnDemand (HOD) Redirector using SSL/TLS. Refer
to the HOD documentation for detailed information about performing this task.

Generating a PKCS #12 File: General Steps

Create a new HODServerKeyDb.kdb file using
the IBM
Certificate Management tool. As part of that file, create a new self-signed
certificate as the default private certificate.

If you get a message
that is similar to “error adding key to the certificate database”
when you are creating the HODServerKeyDb.kdb file, one
or more of the Trusted CA certificates may be expired. Check the IBM website
to obtain up-to-date certificates.

Export that private certificate as Base64 ASCII into a cert.arm file.

Create a new PKCS #12 file named CustomizedCAs.p12 with
the IBM Certificate Management tool by adding the exported certificate from
the cert.arm file to the Signer Certificates. Use hod as
the password for this file.